Mobile-Security-Framework-MobSF
Summary
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. The Dynamic Analyzer helps you to perform runtime security assessment and interactive instrumented testing.
Requirements
- Follow the Install Mobile-Security-Framework-MobSF guide for static analysis.
- Optional: Follow the Install Genymotion guide for dynamic analysis.
Description
Step 1: Open the Webpage
Step 2: Upload Mobile Application
Select the upload button. This could take a while, because MobSF will decompile the apk and analyze all the files and dependencies.
Step 3: Static Analysis
After uploading our Mobile Application the Report will be generated and we can see the resulting information. On the starting page we can see a general overview about the results:
If MobSF finds CWE's during the code analysis, the results will be shown like this:
MobSF also gives the user the opportunity to compare different apks.
Optional Step 4: Dynamic Analysis
If the dynamic analysis is started, a emulation of the app will be started and it is possible to monitor the behaviour and possibly load some Java scripts.
Courses
- Sichere Softwareentwicklung (IT-Security 22/23)